Well put, bro. -mel via cell
> On Aug 16, 2022, at 9:08 PM, Peter Beckman <beck...@angryox.com> wrote: > > To make this more NANOGy, what is OUR role in all of this? > > Two questions that relate here: > > How does NANOG make inbound network abuse easier to stop and harder or > costlier for networks and clouds to ignore? > > How do NANOG operators attempt to keep private things private? > > > For the latter, IMHO most NANOG members likely also run, manage, or interact > with > businesses that hold data. > > Three of the NANOG Principles apply here: > > Security within our digital platforms > Sustainability of Internet technology professions > Innovation within the community > > > We all should be doing whatever we can within our own organizations to > improve end user privacy and security. I'm going to make another go at it > within my own. > > And anything we can do to make it harder for networks and cloud providers > to ignore abuse reports and stop it is an Innovation that might move the > burden of network attacks off of the recipients and onto the sources. > > Beckman > >> On Tue, 16 Aug 2022, richey goldberg wrote: >> >> “thought that google fi was a neutral pipe.” >> >> There is nothing neutral about Google or any of companies that are their >> competitors. They all have some sort of agenda which is to do what’s best >> for them or what they *think* is best for everyone else. Even if it’s not. >> >> “are google, like fb, recording and retaining direct messages and sms/mms >> contents” >> >> They may tell you they are not but there is no doubt in my mind they are and >> if they got caught their response would be “Oopsie, my bad”. >> >> -richey >> >> >> From: NANOG <nanog-bounces+richey.goldberg=gmail....@nanog.org> on behalf of >> Mark Seiden <m...@seiden.com> >> Date: Tuesday, August 16, 2022 at 3:48 PM >> To: Jon Lewis <jle...@lewis.org> >> Cc: nanog@nanog.org <nanog@nanog.org> >> Subject: Re: Google Abuse >> well, that isn’t exactly true. >> >> ALL of the fraudsters, business email compromisers, spoofing accounts are >> now from gmail and as far as i can tell, >> there is no evidence that they do ANYTHING about them. i recently gave a >> talk on fraudulent restaurant reviews >> in google maps. easy for humans to spot. (hundreds of machine learning >> engineers at google. what are they doing?) >> >> but here’s a counterexample… not that it serves anyone particularly well: >> >> a colleague of mine (ex googler, superb engineer, with a brother who is a >> current googler) had ALL of his google accounts >> deactivated recently. a google fi customer, he used it to send an mms photo >> of a rash on his toddler’s crotch to his wife, >> so she could upload it (using https) to their pediatrician’s portal for >> diagnosis. >> >> a few days later the cops were at the door with a search warrant. the cops >> agreed it was a false positive, but despite that, >> the accounts were deactivated (including gmail), seemingly permanently, >> despite multiple attempts to revive it and attempts >> at escalation. >> >> i was actually surprised. i thought that google fi was a neutral pipe. >> >> who knew that google mines mms images for pink parts? >> >> do the other cell phone companies do the same? (not that i particularly >> need to test it…) >> >> (is there any transparency here regarding the scanning and retention policy >> for sms and mms contents?) >> >> which raises, in the post-boggs world, another question: >> >> are google, like fb, recording and retaining direct messages and sms/mms >> contents, so they can turn them over >> to law enforcement who have become “interested" in who was pregnant and who >> stopped being pregnant? >> >> https://www.vice.com/en/article/n7zevd/this-is-the-data-facebook-gave-police-to-prosecute-a-teenager-for-abortion >> >> (once again, there ain’t no sanity clause.) >> >> >>>> On Aug 16, 2022, at 10:43 AM, Jon Lewis <jle...@lewis.org> wrote: >>> >>>> On Tue, 16 Aug 2022, Cristian Cardoso wrote: >>> >>>> Hi >>>> I'm receiving thousands of requests from a Google Clou VM on my network, >>>> I've already sent reports to Abuse from GCP, but without success, does >>>> anyone happen to have a Google abuse >>>> contact to indicate? >>> >>> There is no Google abuse. It's just traffic you don't want that they don't >>> care about. Block it at your edge and move on. >>> >>> ---------------------------------------------------------------------- >>> Jon Lewis, MCP :) | I route >>> StackPath, Sr. Neteng | therefore you are >>> _________ http://www.lewis.org/~jlewis/pgp for PGP public key_________ >> > > --------------------------------------------------------------------------- > Peter Beckman Internet Guy > beck...@angryox.com https://www.angryox.com/ > ---------------------------------------------------------------------------
